Method and system for controlling network access

ABSTRACT

A method and system for disabling traffic from a specific device or devices on a WiFi network via a remote script or other action. In one embodiment, the method is implemented as an application that executes on a device such as a smart phone (e.g., IOS iPhone, Android operating system device) or tablet (e.g., iPad).

RELATED APPLICATION(S)

The present disclosure claims priority to Provisional Application 61/657,963 filed Jun. 11, 2012, which is incorporated herein by reference in its entirety for all purposes.

FIELD OF THE INVENTION

This disclosure relates to a method and system for managing an internet connection (LAN, WAN, or other connections) remotely from a connected or wireless device such as a smartphone (e.g., IOS iPhone, Android operating system device etc.), tablet (e.g., iPad), or even a desktop app (e.g., a OSX App via the “App store” or PC App, for example a Windows 8 App).

BACKGROUND

More and more devices, including game consoles, computers, and laptops to name a few, utilize bandwidth. The bandwidth requirements of such systems can become problematic when the devices are all accessing the same network. Accordingly, there is a need to control connections within a local area network and out of a network. An example of a connection that may need to be controlled is, a WiFi router for disabling traffic from a specific device or devices on the network via a remote script or other action.

SUMMARY

The present disclosure provides a method and system for disabling traffic from a specific device or devices on a network via a remote script or other action. In one embodiment, the method is implemented as an application that executes on a device such as a smart phone (e.g., IOS iPhone, Android operating system device), tablet (e.g., iPad) or a desktop app (e.g., a OSX App via the “App store” or PC App, for example a Windows 8 App).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example of what the user sees and does the first time through the disclosed method in accordance with the present disclosure.

FIG. 2 illustrates an example of the user experience after the method (implemented via a smartphone, tablet or other WiFi enabled device) is initially set up for use in accordance with the present disclosure.

FIG. 3 illustrates an example of the disclosed method (i.e., application) in relation to what it controls in accordance with the present disclosure.

FIG. 4 illustrates an example of a system constructed in accordance with this disclosure, and various controlled devices in accordance with the present disclosure.

FIG. 5 illustrates an example of a user interface in accordance with the present disclosure.

DETAILED DESCRIPTION

The present disclosure provides network control for wireless and connected devices. That is, the disclosure provides a “Network Access Manager.”

The application has the ability to log into a network, such as via a router, in order to disable/enable traffic from a specific device on the network via a remote action. This action may be run from a mobile or wired device running the application, such as, but not limited to, an iOS iPhone/iPad or Android operating system device.

Using the native iOS/Android development languages such as Objective-C or Java, the application will utilize reconstructed POST form data to login to administrative control pages. The application controls the Internet access of devices connected to the network by manipulating access control policies, however implemented on the network (e.g. MAC address filters on a router), via the controlling device's (e.g. the router's) administration pages and/or APIs.

On initial launch of the application, one embodiment scans for all routers within its range and allows the user to select a router to access and control while another embodiment has the router preconfigured to work with the application and simply requires authentication before administration of devices connected to it. In both embodiments, the application determines the make and model of the router in order to understand how to turn network access on and off for devices that are connected if access control is not already known by the application. In one embodiment, the application prompts the user to provide at least one form of authentication, for example, but not limited to, entering the wireless router's administrative login and password. Other authentication methods could easily replace standard login/password combination authentication, for example, but not limited to, biometric identification. The application then displays the list of devices on the network. In one embodiment, devices on the network can be named/renamed by the user for easy reference. In one embodiment, disabling the internet/network access of a device is achieved by clicking on a graphical control switch adjacent to the device label (or on the label itself). Reenabling the internet/network access of a device is achieved via the same control switch (or, again, via the device's label itself).

FIG. 1 illustrates a method 100 of the present disclosure and the steps taken by a user upon initially starting the system. First a user enables the system (not shown) for instance by selecting an icon via a touch screen or other user interface. Then at step 110 the system displays a splash screen, such as a screen showing the system's logo and/or other information. During start up, for instance while the splash screen is displayed at step 110, the system scans the network to locate connected devices. This can include locating one or more routers available to be controlled or may involve identifying devices connected to a preconfigured router. At step 112 the system displays devices available on the network to the user and allows the user to select a particular device, such as a router to connect to and control. For clarity the controlled device is referred to herein as a router (to distinguish it from devices connected to the router), but it can be any device facilitating a connection to one or more other devices. This step can be skipped if the system is preconfigured to control a particular router. Once the user has selected a router to control, at step 114 the system allows the user to login to the router by receiving login information such a username and password, biometric data, or other identifying data.

After step 114 the system displays a list of devices connected to the router. At step 116 the user can select a particular device for instance by selecting an icon via a touch screen or other user interface. Then at step 118 a device detail screen is displayed showing information about the selected device. At step 120 the user can give the device a name to identify it such as Suzie's PC or Tim's iPad Mini. Finally at step 122 the system allows the user to add the device to a white list, meaning it is allowed to connect to the router. This initialization process is only necessary upon initial log-in or to allow a new device to connect to the router that has not previously been added to the white list. Alternatively, all devices can be allowed to access the internet via the router until such time that the connection is disabled by the user. In this instance the router maintains a list of devices that are not allowed to access the internet as opposed to a list of devices that are allowed to access the internet.

FIG. 2 illustrates a method 200 of the present disclosure and the steps taken by a user while using the system after the initial set up is complete. At step 210 the system displays a list of devices connected to the router. At step 212 the user can select a device. Then at step 214 the user can block the selected device. It is also possible to allow access to a previously blocked device by the same process of selecting the device and unblocking it (as opposed to blocking it). The blocking and unblocking can be achieved via a simple toggle mechanism, such as a slider or on/off button in the system.

FIG. 3 shows the various devices used in the system 300. A smart phone 310 running a mobile application provides the mobile control of a router 312. The smart phone can also be a tablet or other device that is capable of running application software. The smartphone 310 communicates with router 312 via a mobile internet connection. The mobile internet connection can be any known method including, but not limited to, 3G, 4G, LTE, or WiFi. FIG. 2 also illustrates three devices 314, 316, 318 that are connected to the router 312, which can be controlled via the systems and methods of the current disclosure. Devices 314, 316, 318 can be any device connected to the router, for instance mobile phones, computers, tablets, game consoles, etc. Three devices are shown in this example, but more or fewer devices may be connected to the router and controlled by the systems and methods of the current disclosure.

FIG. 4 shows another embodiment of the invention as implemented in a system 400. A device 410 runs an application 436 that allows for either wireless or wired control of internet/network connections. Device 410 can be any device capable of running the application including, but not limited to, a smart phone, tablet, laptop or desktop computer, or other computing device. Device 410 includes a processor 430 that is operable to execute computer code such as application 436. Device 410 further includes a memory 432 and a random access memory (RAM) 434. Application 426 can be stored in memory 432 for execution by processor 430. Device 410 also includes an operating system 438 and a display 435. Operating system 438 can be any operating system depending upon the type of device 410. For instance, if device 410 is a smart phone or tablet operating system 438 may be an iOS or Android operating system. If device 410 is a laptop or desktop computer, operating system 438 may be a Windows operating system, a Linux based operating system, or OS X, among others. Similarly, display 435 can vary depending upon the type of device 410. For instance, if device 410 is a smart phone or tablet display 435 may be a touch screen such that it can display data while also serving as an input source for the user. If device 410 is a laptop or desktop computer display 435 may still be a touch screen, but can also be a standard screen used in conjunction with other input devices such as mouse or keyboard (not shown). All of the subcomponents of device 410 are connected and able to communicate via a bus or other communication interconnect 437.

Device 410 communicates with a router 412 via communication path 442 to acquire information from the router and to update access control policies. Router 412 can be a wireless or wired router or any other type of device allowing connected devices to access the Internet or network. Communication path 442 between the device 410 and the router 412 can be a WiFi connection, wired connection, a cellular data network, or any combination of data connections. Connected devices 414, 416, 418 are connected to the router 412 via communication paths 446 and access the internet or a network via their connection to router 412. Communication paths 446 may connect the connected devices 414, 416, 418 to router 412 by wireless or wired connections. Device 410 can also communicate with a web service AP via communication path 440 by any known communication technique. The web service API uses a router mapping database via communication path 444 to parse data received from the router 412 via the device 410.

In use the device 410 logs into router 412 based on input from a user or based on preconfigured access properties. The device then requests and receives access control information from the router 412. The device 410 sends the data to the web service API 420 which parses the data for the device 410. Next the device requests and receives information from the router regarding the connected devices 414, 416, 418. This data is also sent to the web service API 420 for parsing. The device 410 is operable to accept user input regarding access of a new or existing device to the Internet or network via router 412. The user can choose to allow access to a new device, deny access to a new device, disable access of a previously allowed device, or reenable access of a previously disabled device. The device 410 then sends updated access control information to the router 412 to enforce the new access policy. In this way the user can readily monitor and control access of devices connected to the internet or network via router 412. In general, when in use the processor 430 executes instructions that are part of application 436 to carry out the various actions discussed above.

FIG. 5 shows a sample device 505 with a user interface 500 for the presently disclosed systems and methods. Device 505 can be any device discussed herein and can include the various subcomponents discussed above relative to device 410 in FIG. 4. The user interface includes a list of connected devices (6 devices shown). Each device includes identifying information such as 510, 514. The identifying information may include a device name (such as Tim's iPad Mini for device 514) as well as a MAC address. The user interface includes a toggle switch to enable or disable access to each device. In FIG. 5 toggle switch 512 for Jonathan's Macbook is in the “online” position which means the device is allowed access to the Internet or network. Toggle switch 516, on the other hand, is in the “offline” position indicating the internet/network connection for Tim's iPad Mini is disabled. The user can control the access of each device by simply changing the positions of the toggle switches. In an alternate embodiment, rather than using toggle switches the user may simply touch the device identifier to toggle the access permission. In this instance it is possible to color code the device identifiers to indicate which devices have access and which devices do not have access. By providing simple toggle switch user interface the user can quickly modify internet/network access policies with little or no typing and minimal required navigation.

In accordance with the practices of persons skilled in the art of computer programming, embodiments of the methods are described with reference to operations that are performed by a computer system or a like electronic system such as a mobile application running on a mobile phone or tablet. Such operations are sometimes referred to as being computer-executed. It will be appreciated that operations that are symbolically represented include the manipulation by a processor, such as a central processing unit, of electrical signals representing data bits and the maintenance of data bits at memory locations, such as in system memory, as well as other processing of signals. The memory locations where data bits are maintained are physical locations that have particular electrical, magnetic, optical, or organic properties corresponding to the data bits.

When implemented in a programmed device or system, the elements of the embodiments may be essentially the code segments to perform the necessary tasks. The non-transitory code segments may be stored in a processor readable medium or computer readable medium, which may include any medium that may store or transfer information. Examples of such media include an electronic circuit, a semiconductor memory device, a read-only memory (ROM), a flash memory or other non-volatile memory, a floppy diskette, a CD-ROM, an optical disk, a hard disk, a fiber optic medium, etc. User input may include any combination of a keyboard, mouse, touch screen, voice command input, etc. User input may similarly be used to direct a browser application executing on a user's computing device to one or more network resources, such as web pages, from which computing resources may be accessed.

While various embodiments have been described above, it should be understood that those embodiments have been presented by way of example only and are not meant to limit the claims below. Thus, the breadth and scope of the invention should not be limited by the specific embodiments discussed above, but only according to the claims and their equivalents. 

I claim:
 1. A method of controlling internet access, the method comprising: displaying on a user interface a list of devices connected to the internet via a controlled device; receiving input from a user via the user interface regarding the permission of one or more devices to access the internet via the controlled device; and sending permission information to the controlled device to update the permission of one or more devices to access the internet via the controlled device.
 2. The method of claim 1, wherein the user interface includes a toggle switch indicating the current permission setting for each of the listed devices.
 3. The method of claim 2, wherein receiving input from a user includes recording a change in the position of at least one toggle switch.
 4. The method of claim 1, wherein the user interface is part of a mobile device.
 5. The method of claim 4, wherein the mobile device communicates wirelessly with the controlled device.
 6. The method of claim 1, wherein the controlled device is a network router.
 7. The method of claim 1, wherein the user interface is part of a laptop or desktop computer.
 8. The method of claim 7, wherein the laptop or desktop computer communicates with the controlled device through a wired connection.
 9. The method of claim 1, further comprising prior to the displaying step: receiving data from the controlled device regarding at least one of access permission and connected devices; sending the data to a web service api; and receiving parsed data from the web service api.
 10. The method of claim 1, further comprising: receiving login information from the user relative to the controlled device; and verifying the login information before displaying the list of devices connected to the internet via the controlled device.
 11. A non-transitory computer readable storage medium with an executable program thereon, the program instructing a device to: display on a user interface a list of devices connected to a controlled device; receive input from a user via the user interface regarding the permission of one or more devices to access the internet via the controlled device; and send permission information to the controlled device to update the permission of one or more devices to access the Internet via the controlled device.
 12. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to display a toggle switch indicating the current permission setting for each of the listed devices.
 13. The non-transitory computer readable storage medium of claim 12, the program further instructing the device to record any changes in the position of the toggle switches and to send the updated position of any changed toggle switch to the controlled device upon the occurrence of the change.
 14. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to: receive data from the controlled device regarding at least one of access permission and connected devices; send the data to a web service api; and receive parsed data from the web service api.
 15. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to: receive login information from the user relative to the controlled device; and verify the login information before instructing the device to display the list of devices connected to the internet via the controlled device. 